<?php
require "../hi_init.php";
$account = PAPI_GetSafeParam('us');
$password = PAPI_GetSafeParam('password');
$remember = PAPI_GetSafeParam('remember');
if (!$account || !$password) {
$rs['status'] = 0;
$rs['msg'] = '请输入账号和密码';
echo json_encode($rs);
die;
}
if ($account == $admin_config['account'] && $password == $admin_config['password']) {
session('admin_login', '超级管理员');
session('toprx_api_userid', 1);
}
$rs = array();
$sql = "select id,account,password,name from user where account='{$account}'";
if ($row = $db->get_one($sql)) {
if ($row['password'] == md5($password)) {
$rs['status'] = 1;
$rs['msg'] = '登录成功';
if ($_SESSION['toprx_api_userid'] == 1) {
$rs['url'] = 'index.html';
}
session('toprx_api_username', $account);
session('toprx_api_userid', $row['id']);
$now = time();
if ($remember == 'auto_login') {
$session_id = session_id();
$data['auto_login_sessionid'] = $session_id;
public function loginc()
{
$error = '';
// error message
$username = '';
// sender's name
$password = '';
$error1 = '';
$this->load->helper('url');
if (isset($_POST['login'])) {
$this->load->model("sqllogin");
$username = $_POST['username'];
$password = $_POST['password'];
if (trim($username) == '') {
$error = '<div class="errormsg">Please enter username!</div>';
} elseif (trim($password) == '') {
$error = '<div class="errormsg">Please enter a password!</div>';
} elseif (strlen($username) > 0 && strlen($password) > 0) {
$t_user = PAPI_GetSafeParam("username", "", XH_PARAM_TXT);
$t_pwd = PAPI_GetSafeParam("password", "", XH_PARAM_TXT);
$row = $this->sqllogin->sql_check($t_user, $t_pwd);
if (!$row) {
// no rows retrieved
$error = "<div class='errormsg'>Invalid login!</div>";
} else {
$_SESSION['customerid'] = $row['customerid'];
}
if ($error == '') {
$_SESSION['timeout'] = time();
$_SESSION['username'] = $username;
echo "<script>location.href='home';</script>";
}
}
$alldata['error'] = $error;
$this->load->view('loginc', $alldata);
} elseif (isset($_POST['register'])) {
$this->load->model("sqllogin");
$username = htmlentities($_POST['username']);
$password = htmlentities($_POST['password']);
$email = htmlentities($_POST['email']);
$age = htmlentities($_POST['age']);
$phone = htmlentities($_POST['phone']);
$address = htmlentities($_POST['address']);
$city = htmlentities($_POST['city']);
$state = htmlentities($_POST['state']);
$country = htmlentities($_POST['country']);
$zip = htmlentities($_POST['zip']);
$t_user = PAPI_GetSafeParam("username", "", XH_PARAM_TXT);
$row1 = $this->sqllogin->select_if($t_user);
if ($row1) {
$error1 = '<div class="errormsg">The username has been used!</div>';
$alldata['error1'] = $error1;
$this->load->view('loginc', $alldata);
} else {
$data = array('address' => $address, 'city' => $city, 'state' => $state, 'country' => $country, 'zip' => $zip);
$addressid = $this->sqllogin->insert_address($data);
$data1 = array('username' => $username, 'password' => $password, 'email' => $email, 'age' => $age, 'phone' => $phone, 'addressid' => $addressid);
$id = $this->sqllogin->insert_customer($data1);
if ($id) {
echo "<script>\n window.alert('You have registered successfully! Please login now!');\n location.href='loginc';</script>";
}
}
} else {
$this->load->view('loginc');
}
}
<?php
require 'hi_init.php';
if ($_SESSION['toprx_api_userid'] != 1 || $_SESSION['admin_login'] != '超级管理员') {
die;
}
$page = PAPI_GetSafeParam('page');
$page = $page ? $page : 1;
$page = (int) $page;
$pageSize = 10;
if ($page > $count) {
$page = 1;
}
$start = ($page - 1) * $pageSize;
$action = PAPI_GetSafeParam('action');
$action = $action ? $action : 'applist';
if ($action == 'applist') {
$countrs = $db->get_one('SELECT count(*) as total FROM publicapi_app ');
$count = (int) $countrs['total'];
$rs = $db->get_all("SELECT a.appid AS appid, a.appname, u.account, a.`status`, a.callCount FROM publicapi_app AS a RIGHT JOIN user_app AS ua ON ua.appid = a.appid LEFT JOIN publicapi_user AS u ON u.cid = ua.cid LIMIT {$start},{$pageSize}");
require 'template/applist.temp.php';
//导入头部
} elseif ($action == apilist) {
$countrs = $db->get_one('select count(*) as total from(SELECT 1 as sum FROM infcall_his GROUP BY methodName) as aa ');
$count = (int) $countrs['total'];
$rs = $db->get_all("SELECT methodName, Count(*) as sum FROM infcall_his GROUP BY methodName LIMIT {$start},{$pageSize}");
require 'template/apilist.temp.php';
//导入头部
}
